Wednesday night, the security world blew up with the news (which had actually been out there for a while), that the adware/malware Superfish that Lenovo had been installing by default on many laptops included a massive and dangerous security vulnerability by installing its own, self-signed root HTTPS certificate, and then basically mounting a man in the middle attack on every single HTTPS connection — and doing so with an easily hacked certificate, creating a giant vulnerability for anyone owning one of those laptops. We were shocked at the tone-deafness of Lenovo’s initial response, which didn’t even name which laptops Superfish was installed on, and made this blatantly bullshit statement: